CentOS 7
Sponsored Link

Puppet : Install
2015/07/22
 
Install and setup the Configuration management tool "Puppet".
It's possible to use it on a server with standalone though, but this example setup it with Puppet server and Puppet client environment.
It's necessarry to setup DNS or hosts settings to resolve names or IP address and also NTP settings first.
[1] Install puppet-server on Puppet Server Host.
[[email protected] ~]#
yum -y install https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
[[email protected] ~]#
sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/puppetlabs.repo

[[email protected] ~]#
yum --enablerepo=puppetlabs-products,puppetlabs-deps -y install puppet-server
[[email protected] ~]#
vi /etc/puppet/puppet.conf
[main]
# add follows into [main] section : Puppet server's DNS name

    dns_alt_names = dlp.srv.world,dlp
[[email protected] ~]#
puppet master --verbose --no-daemonize

Info: Creating a new SSL key for ca
Info: Creating a new SSL certificate request for ca
Info: Certificate Request fingerprint (SHA256): 
Notice: Signed certificate request for ca
Info: Creating a new certificate revocation list
Info: Creating a new SSL key for dlp.srv.world
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for dlp.srv.world
Info: Certificate Request fingerprint (SHA256): 
Notice: dlp.srv.world has a waiting certificate request
Notice: Signed certificate request for dlp.srv.world
Notice: Removing file Puppet::SSL::CertificateRequest dlp.srv.world at 
    '/var/lib/puppet/ssl/ca/requests/dlp.srv.world.pem'
Notice: Removing file Puppet::SSL::CertificateRequest dlp.srv.world at 
    '/var/lib/puppet/ssl/certificate_requests/dlp.srv.world.pem'
Notice: Starting Puppet master version 3.8.1
# push Ctrl + C to quit
[[email protected] ~]#
systemctl start puppetmaster

[[email protected] ~]#
systemctl enable puppetmaster

[2] Install puppet on Puppet Client Host.
[[email protected] ~]#
yum -y install https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
[[email protected] ~]#
sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/puppetlabs.repo

[[email protected] ~]#
yum --enablerepo=puppetlabs-products,puppetlabs-deps -y install puppet
[[email protected] ~]#
vi /etc/puppet/puppet.conf
[agent]
# add follows into [agent] section : Puppet server's hostname or IP address

    server = dlp.srv.world
[[email protected] ~]#
puppet agent --test --ca_server=dlp.srv.world

Info: Creating a new SSL key for node01.srv.world
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for node01.srv.world
Info: Certificate Request fingerprint (SHA256): 
Info: Caching certificate for ca
Exiting; no certificate found and waitforcert is disabled

[[email protected] ~]#
systemctl start puppet

[[email protected] ~]#
systemctl enable puppet

[3] Enable certificate from Puppet Client on Puppet Server.
# show certificate requests

[[email protected] ~]#
puppet cert list

  "node01.srv.world" (SHA256) xx:xx:xx:xx:xx:xx:xx
# sign

[[email protected] ~]#
puppet cert --allow-dns-alt-names sign node01.srv.world

Notice: Signed certificate request for node01.srv.world
Notice: Removing file Puppet::SSL::CertificateRequest node01.srv.world at 
    '/var/lib/puppet/ssl/ca/requests/node01.srv.world.pem'
[4] Make sure Puppet Server/Client works normally to create a test manifest.
Puppet clients refer to manifests on Puppet server for every 30 minutes by default, so wait for a moment to make sure it or if you'd like to make sure at once, restart Puppet Client daemon(puppetd).
[[email protected] ~]#
vi /etc/puppet/manifests/site.pp
# for example, create a "testgroup" like follows

group { 'testgroup':
    ensure => present,
    gid    => 2000,
}

# restart puppetd if you make sure it at once

[[email protected] ~]#
systemctl restart puppet
[[email protected] ~]#
grep testgroup /etc/group

testgroup:x:2000:
[5] It's possible to apply manifest to local environment manually like follows.
[[email protected] ~]#
puppet apply /etc/puppet/manifests/site.pp

Notice: Compiled catalog for dlp.srv.world in environment production in 0.13 seconds
Notice: /Stage[main]/Main/Group[testgroup]/ensure: created
Notice: Finished catalog run in 0.34 seconds